Prerequisites for NetFlow Hardware Support

Restrictions for NetFlow Hardware Support

•Cisco IOS Release 12.2SY and later releases do not support NetFlow version 7 or NetFlow version 8. Flexible NetFlow has limited support for NetFlow version 5.

•No statistics are available for flows that are forwarded when the NetFlow table is full.

•If the NetFlow table utilization exceeds the recommended utilization levels, there is an increased probability that there will be insufficient room to store statistics. Table 49-1 lists the recommended maximum utilization levels.

Table 49-1 NetFlow Table Utilization

PFC Mode

Effective NetFlow Table Utilization

Total NetFlow Table Capacity

PFC4XL

506,184 ingress entries

506,184 egress entries

524,288 (512k) ingress entries

524,288 (512k) egress entries

PFC4

515,032 ingress+egress entries

524,288 (512k) ingress+egress entries

•If a flow is destined to an address in the PBR range or is sourced from an address in the PBR range, the input and output interface will be the default route (if configured) or be null.

Information About NetFlow Hardware Support

The NetFlow table on the PFC and any DFCs captures data for flows forwarded in hardware. These are some of the features that use the NetFlow table:

•Flexible NetFlow

•Network address translation (NAT)

•QoS microflow policing

•Reflexive ACLS

•WCCP

To limit NetFlow CPU usage, you can configure aging timers to identify stale flows that can be deleted from the table. NetFlow deletes the stale entries to clear table space for new entries.

Default Settings for NetFlow Hardware Support

•Inactive Flow Aging: enabled (300 seconds)

•Fast Aging: disabled

•Active Flow Aging: enabled (1920 seconds)

How to Configure NetFlow Hardware Support

Note•NetFlow table aging keeps the NetFlow table size below the recommended utilization. If the number of NetFlow table entries exceeds the recommended utilization (see the "Restrictions for NetFlow Hardware Support" section), only adjacency statistics might be available for some flows.

Configuring Fast Aging

Configures an aging time for NetFlow table entries that have been inactive longer than the configured time value and that have forwarded fewer packets than the configured threshold value.

•Default: disabled.

•Default if timeseconds not entered: 32 seconds;range for the seconds value: 60-4092.

•Default if thresholdpackets not entered: 100 packetsrange for the packets value: 1-4000.

Note If you enable fast aging, initially set the value to 128 seconds. If the size of the NetFlow table continues to grow over the recommended utilization, decrease the setting until the table size stays below the recommended utilization. If the table continues to grow over the recommended utilization, decrease the inactive NetFlow table aging time.